# Docker enhancements

* optimizes nginx.conf
   * better proxy pipelining
* optimizes Dockerfile
   * smaller resulting image
   * faster rebuilding due to reusing of existing layers
* optimizes docker-entrypoint.sh
   * better startup performance
   * better compatibility with docker engine

Dockerfile

@@ -1,27 +1,36 @@
+# Nutze ein schlankes Python-Image
 FROM python:3.11-slim-bullseye
+
 ENV PYTHONUNBUFFERED 1
 
 WORKDIR /konova
 
-# Install some dependencies
-RUN apt update
-RUN apt install -y gdal-bin redis-server nginx
+# Installiere System-Abhängigkeiten
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gdal-bin redis-server nginx \
+    && rm -rf /var/lib/apt/lists/*  # Platz sparen
 
-# Copy requirements file into workspace and install all dependencies
+# Erstelle benötigte Verzeichnisse & setze Berechtigungen
+RUN mkdir -p /var/log/nginx /var/log/gunicorn /var/lib/nginx /tmp/nginx_client_body \
+    && touch /var/log/nginx/access.log /var/log/nginx/error.log \
+    && chown -R root:root /var/log/nginx /var/lib/nginx /tmp/nginx_client_body
+
+# Kopiere und installiere Python-Abhängigkeiten
 COPY ./requirements.txt /konova/
-RUN pip install --upgrade pip
-RUN pip install -r requirements.txt
+RUN pip install --upgrade pip && pip install --no-cache-dir -r requirements.txt
 
-# Remove nginx default configuration and replace with own configuration
-RUN rm /etc/nginx/sites-enabled/default
+# Entferne Standard-Nginx-Site und ersetze sie durch eigene Config
+RUN rm -rf /etc/nginx/sites-enabled/default
 COPY ./nginx.conf /etc/nginx/conf.d
 
-# Create log folders
-RUN mkdir /var/log/gunicorn
-
-# Copy rest of project into workspace
+# Kopiere restliche Projektdateien
 COPY . /konova/
 
-# Move static files in designated folder
-RUN python manage.py collectstatic  --noinput
+# Sammle statische Dateien
+RUN python manage.py collectstatic --noinput
 
+# Exponiere Ports
+#EXPOSE 80 6379 8000
+
+# Setze Entrypoint
+ENTRYPOINT ["/konova/docker-entrypoint.sh"]

docker-entrypoint.sh

@@ -1,7 +1,26 @@
 #!/bin/bash
-# Start all needed services once the container is fired up!
-service nginx start
-service redis-server start
-celery -A konova worker --detach
-# Rule of thumb: (2*CPU)+1 as worker_num -> Use 5 as default (matches a dual core)
-gunicorn --workers=5 konova.wsgi:application --bind=0.0.0.0:8000 --access-logfile /var/log/gunicorn/access.log --error-logfile /var/log/gunicorn/error.log
+
+set -e  # Beende Skript bei Fehlern
+set -o pipefail  # Fehler in Pipelines nicht ignorieren
+
+# Starte Redis
+redis-server --daemonize yes
+
+# Starte Celery Worker im Hintergrund
+celery -A konova worker --loglevel=info &
+
+# Starte Nginx als Hintergrundprozess
+nginx -g "daemon off;" &
+
+# Setze Gunicorn Worker-Anzahl (Standard: (2*CPUs)+1)
+WORKERS=${GUNICORN_WORKERS:-$((2 * $(nproc) + 1))}
+
+# Stelle sicher, dass Logs existieren
+mkdir -p /var/log/gunicorn
+touch /var/log/gunicorn/access.log /var/log/gunicorn/error.log
+
+# Starte Gunicorn als Hauptprozess
+exec gunicorn --workers="$WORKERS" konova.wsgi:application \
+    --bind=0.0.0.0:8000 \
+    --access-logfile /var/log/gunicorn/access.log \
+    --error-logfile /var/log/gunicorn/error.log

nginx.conf

@@ -1,21 +1,25 @@
-upstream konova {
-    server localhost:8000;
-}
-
 server {
-
     listen 80;
     client_max_body_size 25M;
 
     location / {
-        proxy_pass http://konova;
+        proxy_pass http://127.0.0.1:8000;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header Host $host;
         proxy_redirect off;
+        proxy_cache_bypass $http_upgrade;
     }
 
     location /static/ {
         alias /konova/static/;
+        access_log /var/log/nginx/access.log;
+        autoindex off;
+        types {
+            text/css css;
+            application/javascript js;
+        }
     }
 
+    error_log /var/log/nginx/error.log;
 }